VYPR

ProSAFE Network Management System

by Netgear

CVEs (13)

  • CVE-2023-49693CriNov 29, 2023
    risk 0.64cvss 9.8epss 0.01

    NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code.

  • CVE-2021-27274CriMar 29, 2021
    risk 0.64cvss 9.8epss 0.08

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class.…

  • CVE-2021-27273HigMar 29, 2021
    risk 0.62cvss 8.8epss 0.65

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The…

  • CVE-2024-5505HigJun 6, 2024
    risk 0.61cvss 8.8epss 0.47

    NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is…

  • CVE-2024-5246HigMay 23, 2024
    risk 0.60cvss 8.8epss 0.31

    NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this…

  • CVE-2021-27275HigMar 29, 2021
    risk 0.60cvss 8.3epss 0.73

    This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication…

  • CVE-2024-5247HigMay 23, 2024
    risk 0.59cvss 8.8epss 0.27

    NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is…

  • CVE-2024-6814HigAug 21, 2024
    risk 0.57cvss 8.8epss 0.02

    NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to…

  • CVE-2024-6813HigAug 21, 2024
    risk 0.57cvss 8.8epss 0.02

    NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to…

  • CVE-2021-27276HigMar 29, 2021
    risk 0.52cvss 7.1epss 0.72

    This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The…

  • CVE-2021-27272HigMar 29, 2021
    risk 0.52cvss 7.1epss 0.74

    This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The…

  • CVE-2024-5245HigMay 23, 2024
    risk 0.51cvss 7.8epss 0.01

    NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. An attacker must first obtain the…

  • CVE-2023-49694HigNov 29, 2023
    risk 0.51cvss 7.8epss 0.01

    A low-privileged OS user with access to a Windows host where NETGEAR ProSAFE Network Management System is installed can create arbitrary JSP files in a Tomcat web application directory. The user can then execute the JSP files under the security context of SYSTEM.